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SYSTEM AND METHOD FOR PAYMENT USING RADIO FREQUENCY 
IDENTIRCATiON IN CONTACT AND CONTACTLESS TRANSACTIONS 

Field df Invention 

5 This invention generally relates to a system and method for completing a 

transaction, and more particiJlarly, to completing a finiancial transaction using Radio 
Frequency identification (RFID) in contact and contactless transactions. 

M 

Background of the Invention 

10 Like barcode and voice data entry, RFID is a contactless information 

acquisition technology. RFID systems are wireless, and are usually extremely 
effective in hostile environments where conventional acquisition methods fail. RFID 
has established itself in a wide range of markets, such as. for example, the high- 
speed reading of railway containers, tracking moving objects such as livestock or 
15 automobiles, and retail inventory applications. As such, RFID technology has 
becorjfie a primary focus in automated data collection, identification and analysis 
. systems wortdwide. 

Of late, companies are increasingly ernbodying RFID data acquisition 
technology in a fob or tag for use in completing finandal transactions. A typical fob 
< 20 includes a transponder and is ordinarily a self-contained device which may be 
contained on any portable fonm factor. In some Instances, a battery may be 

4 ■ 

included with the fob to power the transponder. In which case the intemal circuitry 
, of the fob (including the transponder) may draw its operating power from the battery 
power source. Altematively. the fob may exist independent of an intemal power 

25 source. In ttiis instance the intemal drcuitry of the fob pncluding the transponder) 
may gain its operating power directiy from an RF intenrogation signal. U.S. Patent 
No. 5,053,774 issued to Schuermann describes a typical transponder RF 
interrogation system which nnay be found in the prior art. The Schuermann patent 
describes In general the powering technology surrounding conventional transponder 

30 structures. U.S. Patent No. 4,739.328 discusses a method by which a conventibhal 

■ 

transponder may respond to a RF interrogation signal. Other typical nriodulation 
techniques which may be used include, for example, ISO/IEC 1.4443 and the like. 

• . .1 
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In the conventional fob powering technologies used» the fob is typically 
activated upon presenting the fob In an interrogation signal. In this regard, the fob 
may be activated irrespective of whether this user , desires such activation. 

• * • ■ . 

Inadvertent presentation of the fob may result in initiation and completion of an 
5 unwanted transaction. Thus, a fob system is needed which allbws the fob user to 
. control activation of the fob to limit transactions being undesirably completed. 

One of the more visible uses of the RFID technology is found in the 
introduction of Exxon/Mobil's Speedpass® and Shell's EasyPay® products. These 
products use transponders placed in a fob or tag which enables automatic 
10 identification of the user when the fob is presented at a Point of Sale (POS) device. 
Fob identification data is typically passed to a third party server database, where the 
identification data is referenced to a customer (e.g., user) credit or debit account. In 
an exemplary processing method, the server seeks authorization for the transaction 
by passing the transaction and account data to an authorizing entity. Once 
15. authorization is received by the server, dearahce is sent to the point of sale device 
for completion of the transaction. In this way, the conventional transaction 
processing method involves an indirect path which causes undu^ overhead due to 
the use of the third-party server. 

A need exists for a transaction authorization system which allows Fob 
20 transactions to be authorized while eliminating the cost assodated with using third- 
party servers. 

In addition, conventional fobs are limited in that they must be used in 
proximity to the Point of Sale device. That is, for fob activation, conventional fobs 
must be positioned within the area of transmission cast by the RF Interfogatiort 
25 signal. More partlculariy, conventional fobs are not affective for use in situsitions 
yvhere the user wishes to conduct a transaction at a point of interaction such as a 
computer inteitace. 

Therefore, a need exists for a fob embodying RFID acquisition technology, 
which is capable of use at a point of sale device and whidi is additionally capable of 
.30 facilitating transactions via a computer interface connected to a network (e.g., the 
Intemet). 

Existing transponder-reader payment systems, are also limited in that the 
conventional fob used in J9ie systems is only responsive to one intenrpgatipn signal. 
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• * • 

Thus, where multiple interrogation signals are used, the fob Is only responsive to the 
interrogation signal to which it is configured. If the RFID reader of the system 
provides only an inten^ogation signal to which the fob is incompatible, the fob will not 
be properly activated. 

5 Therefore, a need exists for a fob which is riesponsive to more than one 

Interrogation signal. 

Summary of the invention 

Described herein is a system and method for using RFID technology to 

10 initiate and complete financial transactions. The transponder-reader payment 
system described herein may include a RFID reader operable to pro\^"de a RF 
/ Interrogation signal for powering , a transponder system, receiving a transponder 
system RF signal, and providing transponder system account data relative to the 
transponder system RF signal. The transponder-reader payment system rrlay 

15 Include a RFID protocol/sequence controller in eledriral communication with one or 
more inten-pgators for providing an inten-ogatlon signal to a transponder, a RFID 
authentication drcult for authenticating the signal received from the transponder, a 
serial or parallel interface for interfadng with a point of interaction device, and an 
USB or serial interface for use in personalizing the RFID reader and/or the 

>0 transponder. The transponder-reader payment system may further include a fob 
including one.or more transponders (e.g., modules) responsive to the interrogation 
signal and for providing an authentication signal for verifying that the transponder 
and/or the RFID reader are authorized to operate within the transponder-reader 
payment system. In this way, the transponder may be responsive to multiple 

!5 interrogation signals provided at different frequendes. Further, the transponder may 
Include a tJSB or serial interface for use with a computer network or with the RFID 
reader. 

The RFID system and method according to the present invention may include 
a RFJD-ready temrunal and a transponder which may be embodied in a fob, tag. card 
iO orany other form factor (e.g., wristwatch, keychain. cell phone, etc.), which may be 
capable of being presented for interrogation. In that regard, although the. 
transponder is described herein as embodied in a fob, the invention is not so limited. 
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The system may further include a RFlD reader configured to send a standing 
RFID recognition signal which may be transmitted from the RFID reader via radio 
frequency (or electromagnetic) propagation. The fob may be placed within proximity 
to the RFID reader such that the RFID signal may Inten-ogate the fob and initialize 
5 fob identification procedures. 

In one exemplary embodiment, as a part of the identificaitibn prdceSS} the fob 
and the RFID reader may engage in mutual authentication. The RFID reader may 
identify the fob as Including an authorized system transponder for receiving 
encrypted information and storing the infonration on the fob memory, Similariy, the 
10 fob, upon interrogation by the RFID reader, may identify the RFID reader as 
authorized to receive the encrypted and stored information. Where the RFID reader 
and the fob successfully mutually authenticate, the fob may transmit to the RFID 
reader certain information identifying the transaction account or accounts to which 
the fob is associated. The RFID reader may receive the information arid forvvard the 
15 Information to facilitate the completion of a trahsactidn. In one exenhplary 
embodiment, the RFID readier may forward the information to a point of interisctlon 
device (e.g., POS or computer interface) for transaction conrtpletion. The mutual 
authorization process disclosed herein aids in ensuring fob transponder*reader 
payment system security. 
20 In another exemplary embodiment, the fob according to the present 

invention, includes means for completing transactions via a computer interface. The 

• ' • • • 

fob may be connected to the computer using a US6 or serial interface fob account 
iriformation may be transferred to the computer for use in completing a transaction 
viia a networic (e.g., the Internet). 
25 These features and other advantages of the system and rhethod, as well as 

the structure and operation of various exemplary embodiments of the system and 
method, are described below. 

Brief Description of the Drawings 
30 The accompanying drawings, wherein like numerals depict like elements, 

. illustrate exemplary embodiments of the present invention, and together with the 
description, serve to explain the principles of the invention. In the drawings: 
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FIG. 1 A Illustrates an exemplary RFID-based system in accordance with the 
preiseht invention, wherein exemplary, components used for fob transaction 
completion are depicted; 

FIG. 1B illustrates an. exenrplary personalization systehi in accordance with 
5 the present invention; 

FIG. 2 is a schennatic illustration of an exemplary fob in actordance with the 
present Invention; 

FIG. 3 is a schematic illustration of an exemplary RFID reader in accordance 
. with the present invention; 
10 FIG. 4 is an exenplary flow diagram of an exemplary authentication process 

in accordance with the present invention; 

FIG. 5 is an exemplary flow diagram of an exemplary decision process for a 
protocol/sequence controller in accordance with the present invention; 

FIGS: 6A-B are dh exemplary ftow diagram of a fob personalization process 
15 in accordance wth the present invention; 

• • ' . ' 

FIGS. 7A-B are an exerhplary flow diagram of a RFID reader personalization 

• • ■ 

process in accordance with the present invention; 

FIG. 8 is a flow diagram of an exemplary p&yment/transaction process in 

■ - • 

accordance with the present invention; and 
-20 FIG. 9 is another schematic illustration of an exemplary fob in accordance 

with the present invention.. 

Detailed Description 

The presecit invention may be described herein in terms of functional block 

25 components, screen shots, optional selections and various processing steps. Such 
functional blocks, may be realized by any number of hardware and/or software 
components configured to perform to specified functions. For example, the present 
invention may employ various integrated circuit components, e.g., memory 
elements, processing elements, logic elements, look-up tables, and the like, which 

30 may carry out a variety of functions under the cdritrbl of one or rpore 
mircroprocessors or other control devices. Similariy, the software elements of the 
. present invention may be implemented with any programming or scripting language 
such as C, C++, Java, COBOL, assembler, PERL, extensible maricup language 

5 
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(XML). JavaCatd and MULTOS with the various algdrithrhs being implemented with 
any combination of data structures, objects, processes, routiries or other 
pfogramming elements. Further, it should be noted that the present invention may 
Employ any number of conventional techniques for data transmission, signaling, 

5 data processing, network control, and the like. For a basic Introduction on 
cryptography, review a text written, by Bruce Schneier entitled "Applied 
Cryptography: Protocols. Algorithms, arid Source Code in C," published by John 
Wiley & Sons (second ediUon. 1996), herein jncorpoteled by reference. 

In addition, many applicaticins of the present invention could be formulated. 

10 The exemplary network disclosed herein may include any system for exchanging 
data or transacting business, such as the internet, an intranet, an extranet, WAN, 
LAN satellite communications, and/or the like. It is noted that the network rray be 
Irriplemented as other types of networks, such as an interactive television network 
(ITN). 

15 Where required, the system user may Interact with the system via any input 

device such as, a keypad, keyboard, mouse, kiosk, personal digital assistant, 
handheld computer (e.g.. Palm Pilot®. Bluebeny©), cellular phone and/or the like. 
Slmilariy, the Ihyention could be used in conjunction with arty type of personal 
computer, network computer, work station, minicomputer, mainframe, or the like 

20 running any operating system such as any version of Windows, Windovre NT, 
Windows 2000, Windows 98, Windows 95, MacOS, QS/2, BeOS. Linux, UNIX, 
Solaris or the like. Moreover, although the invention may frequently be described as 
being implemented with TCP/IP communications protocol, it should be understood 
that the Invention could also be implemented using SNA. IPX, Appletalk, IPte, 

25 NetBIOS. OSI or any liumber of communications protocols. Moreover, the system 
Contemplates, the use. sale, or distribution of any . goods, services or information 
over any networi< having siadlar functionality described herein. 

FIG. 1A illustrates, an exemplary RFID transaction system 100A in 
. accordance with the present inyenUon. wherein «<emplary cornponehts for use in 

30 cbinpleting a fob transacUon are depicted. In general, the operation of system 1 0OA 
may begin when fob 102 is presented for payment, and is interrogated by RFID 
reader 104 or, altematively, interface 134. Fob 102 and RFID reader 104 may then 
engage in mutual authentication after which the transponder 102 nfiay provide the 
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transponder jdentlfication and/or account identifier to the RFID reader 104 which 
may further provide the Information to the merchant system 130 POS device 110. 

System 100A may include a fob 102 having a transponder 114 and a RFID 
reader 104 In RF communication with fob 102. Although the present invention is 
5 described with respect to a fob 102, the Invention is not to be so limited. Indeed, 
system iOO may Iriclude any device having a transponder which Is configured to 
communicate with a RFID reader 1 04 via RF communication • Typical devices may 
include, for example, a key ring, tag, card, cell phone, wristwatch or any such form 
capable of being presented for interrogation. 

10. . The RFID reader 104 may be configured to communicate using a RFID 
intemal antenna 106. Alternatively. RFID reader 104 may include an external 
antenna 108 for communications with fob 102, where the external antenna may be 
rnade remote to the RFID reader 104 using a suitable cable and/or data link 120. 
RFID reader 104 may be further In communication with a nierchaht system 130 via 

15 a data link 122. The system 100A may include a transaction completion system 
including a point of Interaction deyice such as, for example, a merchant point of sale 
(POS) device 110 or a computer interface (e.g., user interface) 134. In one 
exemplary embodiment the transaction completion systeni may Include a merchant 
system 130 including the POS device 1 10 in communication with a RFID reader 104 

20 (via data link 122), As described more fully below, the transaction completion 
system may include the user interface 134 connected to a network 136 and to the 
transponder via a USB connector 1 32. 

Although the point of interaction device is described, herein with respect to a 
merchant poirtt of sale (PCS) device, the Invention is not to be so limited. Indeed, a 

25 merchant POS device is used herein by way of example, arid the point of interaction 
device may be ariy device capable of receiving fob account data. In this regard, the 
POS may be any point of interaction device enabling the user to conr)plete a 

• * * 

transaction using a fob 1 02. POS device 110 may be in further communication witti 
a customer interface 118 (via data linl< 128) for entering at least a customer Identity 

. * « 

30 Verification information. In addition, POS device 110 niay be in comriTUhicatlon with 
a merchant host network 112 (via data link 124) for processing any transaction 
request. In this an^ingement, infomnation provided by RFID reader 104 is provided 
to the POS device J 10 of merchant system 130 via. data link 122. The POS device 
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110 rhay receive the information (and alternatively may receive any identity verifying 
Information from customer Interface 118 via data link 128) arid provide the 
Infomnation to host system 1 12 for processing. 

A variety of conventional corhmunicatlons media and protocols may be used 

5 for data links 120, 122, 124. and 128. For example, data links 120, 122, 124, and 
128 may be an Internet Service Provider (ISP) configured to fadlitate 
communications over a local loop as is typically used in connection with standard 
mddem communication, cable modem, dish networks, ISDN, Digital Subscriber 
Lines (DSL), or any wireless communication media. In addition, the merchant 

10 system 130 including the POS device 110 and host networi< 112 may reside on a 
local area network which interfaces to a reimote network (not shown) for remote 
authorization of an Intended transaction. The merchant system 130 may 
communicate with the remote network via a leased line, such as a T1, D3 line, or 
the like. Such communicatiohs liries ai-iB described In a variety of texts, such as, 

- 

15 "Understanding Data Communications," by Gilbert Held, which is Incorporated 

herein by reference. 

An account number, as used herein, may include any identifier for an account 
{e.g., credit, charge debit, checking, Sjavings^ reward, loyalty, or the like) which may 
be maintained by a transaction account provider (e.g., payment authorization 
20 center) and which may be used to complete a finandal transaction. A typical 
. account number (e.g., account data) may be con^elated to a credit or debit account, 
loyalty account, or rewards account maintained and serviced by such entities as 
American Express, Visa and/or MasterCard or the like, For ease In understanding, 

♦ ' . • 

the present invention may be described with respect to a credit account. However, it 
25 should be noted that the invention is not so llrnlted and other accountis pemiitting an 
exchange of .goods and sennces for an account data value Is contemplated to be 
within the scope of the present invention. 

In addition, the account number (e.g., account data) may be associated with 
. any device, code, or other identifier/indida suitably configured to allow the consumer 
30 to Interact or communicate with the system, such as, for exaniple, 
authorization/access code, personal Identification number (PIN), Internet code, 
digital certificate, biometric data, and/or other Identification indicia. The account 
. nun^er may be optionally located on a rewards card, charge card, credit card, debit 
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card, prepaid card, telephone card, smart card, magnetic stripe card, bar code card, 
and/or the like. The account number may be distributed and stored in any form of 
plastic, electronic, magnetic, and/or optical device capable of transmitting or 
downloading data to a second device. A customer account number may be, for 
5 exarrple, a sixteen-digit credit card number, although each aedit provider has its 
own numbering system, such as the fifteen-digit numbering system used by 
Anierican Express. Each company's credit card numbers comply with that 
company's standardized format such that the company using a sixteen-digit format 
will generally use four spaced sets of numbers, as represented by the number "0000 
10 0000 0000 0000". In a typical example, the first five to seven digits are reserved for 

■ ♦ • , 

proceissing purposes and identify the issuing bank, card type and etc. In this 
example, the last sixteenth digit is used as a sum check for the sixteen-digit number. 
The intermediary eight-to-ten digits are used to uniquely identify the customer. The 
account number stored as Track 1 and Track 2 data as defined in. ISO/IEC 7813, 

15 arid further may be made unique to fob 102. In one exemplary embodiment, the 
account number may include a unique fob serial number and user Identification 
number, as well as specific application applets. The account number may be stored 
in fob 102 inside a database 214, as described more fully below. Database 214 
may be configured to store multiple account numbers issued to the fob 102 user by 

20 the same or different account providing . institutions. Where the account data 
corresponds to a loyalty or rewards account, the database 214 may be configured to 
store the attendant loyalty or rewards points data. 

FIG. 2 illustrates a block diagram of the many functional blocks of an 
exemplary fob 102 in accordance with the present invention. Fol> 102 may be a 

25 FtFID fob 1 02 which may be presented by the user to facilitate an exchange of funds 
or points, etc., for receipt of goods or services. As described herein^ by way of 
example, the fob 102 tr\ay be a RF1D fob which may be presented for fadlltating 
payment for goods and/or services. 

Fob 102 may include an antenna 202 for receiving an interrogation signal 

3d from RFID reader 104 via antenna 106 (or altematively, via external antenna 108), 
. Fob antenna 202 may be in communication with a transponder 114. In one 
exemplary embodiment, transponder 114 may be a 13.56 MHz transponder 

r ^ r^conrpliant with the ISO/IEC 14443 standard, and antenna 202 may be of the 13 MHz 

. • . _ . ... 

' ■ ■ ■ 

9 
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variety. The transponder 114 may be in communication with a transponder 
compatible modulator/demodulator 206 configured to receive the signal from 
transponder 114 and configured to modulate the signal into a format readable by 
any later connected circuitry- Further, modulator/demodulator 206 may b^ 
5 configured to format (e.g., demodulate) a signal received from the later connected 
circuitry in a format compatible with transponder 1 14 for transmitting to FtFlD reader 
104 via antenna 202. For example, where transponder 114 is of the 13.56 MHz 
variety, modulator/denrwdulator 206 may be ISO/IEC 14443-2 compliant. 

Modulator/demodulator 206 may be coupled to a protocol/sequence 

10 cdhtf oiler 208 for facilitating control of the authentication of the signal provided by 
RFID reader 104, and for facilitating control of the sending of the fob 102 account 
number. In this regard, protocol/sequence controller 208 may be any suitable digital 
or logic driven circuitry capable of facilitating determination of the sequence of 
operation for the fob 102 inner-drcuitry. For example, protocol/sequence controller 

15 208 may be configured to determine whether the signal provided by the RFID reader 
104 Is authenticated, and thereby providing to the RFID reader 104 the account 

number stored on fob 102. 

Protocol/sequence controller 208 may be further in comrhunicatlon with 
authentication drcuitry 210 for fadlitating authentication of the signal prowded by 

20 RFID reader 104. Authentication drcuitry may be further in communication with a 
non-volatile secure memory database 212. Secure memory database 212 may be 
any suitable elementary file system such as that defined by ISO/IEC 7816-4 or any 
other elementary file system allowing a lookup of data to be Interpreted by the 
application on the chip. Database 212 may be any type of database, such as 

25 rfelatlonal, hierarchical, object-oriented, and/or the like. Common database products 
that may be used to implement the databases include DB2 by IBM (White Plains, 

• • • 

NY), any of the database products available from Oracle Corporation (Redwood 
Shores. CA), Miaosofl Access or MSSQL by Microsoft Corporation (Redmond, 
Washington), or any other database product. Database may be organized In any 
30 suitable manner, induding as data tables or lookup tables. Assodatioh of certain 
data may be accomplished through any data assodation technique known and 
practiced In the art. For example, the assodation misiy be accbniplished either 
.manually or autoniatically. Autonratic assodation - techniques nriay indude^ 
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example, a database search, a database merge. GREP, AGREP, SQL, arid/or the 
like. The assodation step may be accomplished by a database merge function, for 
example, using a "key field" In each of the manufacturer and retailer data tables. A 
"key field" partitions the database according to the high-level class of objects 

5 defined by the key field. For example, a certain dass may be designated as a key 
: field in both the first data tiable arid the second data table, and the two data tables 
may then be merged on the basis of the dass data in the key field. In this 
embodiment, the data coaesponding to the key field In each of the merged data 
tables is preferably the same. However, data tables having similar, though not 

10 identical, data in the key fields may also be merged by using AGREP, for example. 

The data may be used by protocol/sequence controller 208 for data analysis 
and used for management and control purposes, as well as security purposes. 
Authentication drcuitry may authenticate the signal provided by RFID reader 104 by 
assodation of the RFID signal to authentication keys stored on database 212. 

15 Encryption drcuitry may use keys stored on database 212 to perfomn encryption 
and/or decryption of signals sent to or from the RFID reader 1 04. 

In additiwi, protocol/sequence controller 208 may be in communication with a 
database 214 for storing at least a fob 102 account data, and a unique fob 102 
identification code. Protocol/sequence controller 208 may be configured to retrieve 

20 the account number from database 214 as desjred> Database 214 may be of the 
same configuration as database 21 2 descrit)ed above. The fob account data and/or 
unique fob identification code stored dn database 214 may be encrypted prior to 
storage. Thus, where protocol/sequence controller 208 retrieves the account data, 
&nd or unique fob identification code from database 214, the account number may 

25 be encrypted when being provided to RFID reader 104. Further, the data stored on 
= database 214 may include, for example, an unencrypted unique fob 102 
Identification code, a user identification. Track 1 and 2 data, as well as specific 

application applets. 

Fob 102 may be configured, to respond to multiple interrogation frequency 
30 transn^ssions provided by RFID reader 104, That is, as described niore fiiily below, 
RFID reader 104 may provide more ttian one RF interirdgation signal. In this case, 
fob 102 may be configured to respond to the.mulUple frequenaes by including in fob 
102 one or more additional RF signal receiving/transrritting units 226. RF . signal 
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receiving/transmitting unit 226 may include an antenna 218 and transpondier 220 
where the antenna 218 arid transponder 220 are compatible with at least one of the 
additional RF signals provided by RFID reader 104, For example, In one exemplary 
embodiment, fob 102 may include a 134 KHz antenna 218 configured to 
5 communicate with a 134 KHz transponder 220. In this exenriplary configuraition, an 
ISO/IEC 14443-2 con^liant modulator/demodul^for may not bei required. Instead, 
the 134 KHz transponder may be configured to communicate directly with the 
protocol/sequence controller 208 for transmission and receipt of authentication and 
account number signals as described above. 

10 . In another embodiment, fob 102 may further include a universal serial bus 
(USB) connector 132 for interfacing fob 102 to a user interface 134. User interface 
134 may be further in communication with a POS device 110 via a network 136. 
Network 136 may be the Internet, an intranet, or the like as is described above with 
respect to network 112. Further, the user interface 134 may be similar in 

15 construction to any conventional input devices and/or computing systems 
aforementioned for permitting the system user to interact with the system. In one 
exemplary embodiment, fob 102 may be configured to facilitate online Intemet 
. payments. A USB converter 222 may be in communication with a USB connector 
232 for facilitating the transfer of information between the modulator/demodulator 

20 206 and USB connector 132. Alternatively, USB converter 222 may be in 
communication with protocol/sequence controller 208 to facilitate the transfer of 
information between protocol/sequence controller 208 and USB connector 132. 

Where fob 102 includes a USB connector 132, fob 102 may be in 
communication with, for example, a USB port on user interface 134. The 

25 infdnnation retrieved from fob 102 nnay be compatible with credit card and/or snnart 
card technology enabling usage of interactive applications on the Intemet. No RFID 
reader nnay be required in this enr^odiment since the connection to POS device 110 
may be made using a USB port on user interface 134 and a network 136. 

Fob 1 02 may include means for enabling activation of the fob by the user. In 

30 brie exemplary embodinieht, a switch 230 which may be operated by the user of the 
fob 102. The switch 230 on fob 102 may be used to selectively or inclusively 
activate the fob 1 02 for particular uses. In this cohte>ct, the term "selecti vel/ may 
rnean that the swtch 230 eni^bles the user to place the fob 102 in a particular 

12 . 
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Operational mode. For exarhpie, the user may place the fob 102 In a mode for 
. einablthg purchase of a good or of a service using a selected account nuniber. 
Alternatively, the fob may be placed in a mode as such that the fob account number 
Is. provided by USB port 132 (or serial port) only and the fob transponder 114 is 

5 disabled. In addition, the term "inclusively" nnay mean that the fob 102 is placed in 

. • . 

an operational mode permitting the fob i 02 to be responsive to the RF interrdg^tiori 
and interrogation via the USB connector 132. In one particular embodiment, the 
svvilch 230 may remain in an OFF position ensuring that one or more applications or 
accounts assodated with the fob 102 are noh-reactive to any commands issued by 
10 . RFID reader 104. As used herein, the OFF position may be ternned the "nomnal" 
position of the activation switch 230, although other nornr)at positions are 
contemplated. 

In another exemplary embodiment, when the switch 230 is moved from the 
OFF position, the fob 102 n^y be deenried activated by the user. That is, the switch 

15 230 may activate Internal circuitry in fob 102 for permitting the tob to be responsive 
to RF signals (e.g., commands from RFID reader 104). In this way, switch 230 nlay 
facilitate control of the active and inactive states of the fob 102. Such control 
increases the system security by preventing inadvertent or illegal use of the fob 1 02. 
In one exemplary embodiment, switch 230 nnay be a simple mechanical 

20 device in communication with circuitry which may electrically prevent the fob from 
being powered by a RFID reader. That is, when switch 230 is in its normal position, 
switch 230 may provide a short to the fob 102 internal circuitry, preventing fob 102 
frbrh being responsive to interrogation by RF or via the USB connector 230. In this 
aftangement, the switch 230 may be, for example, a "nomnally dosed" (NC) 

25 configured switch, which may be electrically connected to the antenna 202 at the 
Interface of the antenna 202 and the transponder 114. The switch 230 may be 
depressed, which may open the switch 230 fully activating the antenna 202. 

In yet another exemplary embodiment, the fob 102 may include a biometric 

sensor and biometric membrane configured to operate as switch 230 and activate 

' . ■ * . ' ■ 

30 the fob 102 when provided biometric signal from the fob 102 user. Such biometric 
signal nriay be the digital reading of a fingerprint^ thumbprint, or the like. Typically, 
where biometric drcuitry 13 used, the biometric circuitry may be powered by an 
intiemal voltage source (e.g., battery). In this qase, the 5wi|tch may not be a simple. 

13 
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mechanical device, biit a switch which is powered. In yet another exemplary 
embodiment, switch 230 may be battery powered though no biometric drcuitry is 
present in the fob 1 02. 

In yet another enibodimeht, the switch 230 may be a logic switch: Where 
5 switch 230 is a logic switch the switch 230 control software may be read from the 
sequence controller 208 to selectively control the activati(») of the various fob 102 
components. 

FIG. 3 illustrates an exemplary block diagram of a RFID reader 104 in 
accordance with an exemplary embodinrient of the present invention. RFID reader 
104 includes, for example, an antenna 106 coupled to a RF nwdule 302, which is 
further coupled to a control module 304. In addition, RFID reader 104 may include 
an antenna 108 positioned remotely from the RFID reader 104 and coupled to RFID 
reader 1 04 via a suitable cable 120, or other wire or wireless connection. 

RF module 302 and antenna 106 may be suitably configured to fadlitate 
communication with fob 102. Where fob 102 is fomiatted to receivie a signal at a 
particular RF frequency, RF module 302 may be configured to provide an 
intenrdgation signal at that same frequency. For example, in one exemplary 

* * > 

errt)odinrient, fob 102 may be configured to respond to an interrogation signal of 
about 13.66 MHz. In this case, RFID antenna 106 may be 13 MHz arid may be 
configured to transmit an inten-ogation signal of.about 13.56 MHz. That is, fob 102 
may be configured to include a first and second RF module (e.g., transponder) 
where the first module may operate using a 134 kHz frequency and the second RF 
module may operate using a 13.56 MHz frequency. The RFID reader 104 may 
Include two receivers which rnay operate using the 134 kHz frequency, the 13.56 
MHz frequency or both. When the reader 104 is operating at 134 kHz frequency, 
only operation with the 134 kHz module on the fob 102 may be possible. When the 
reader 104 Is operating at the 13.56 MHz fi^equency, only operation with the 13.56 
MHz module on the fob 102 may be possible. Where the reader 104 supports both a 
134 kHz frequency and a 13.56 MHz RF module, the fob 102 may receive both 
signals from the reader 104. In this case, the fob 102 may be configured to prioritize 
: selection of the one or the other frequency and reject the remaining frequency. 
Alternatively, the reader 104 may receive signals at both frequencies from the fob 

• • » ■ ■ m 

14 
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upon interrogation. In this case, the reader 104 nriay be configured to prioritize 
selection of one or the other frequency and reject the remaining frequency. 

Further, protocol/sequence controller 314 nnay include ah optional feedback 

» • • * 

function for notifying the user of the status of a particular transaction. For exanrple, 

5 the optional feedback may be in the fomri of an lED, LED screen and/or other visual 
display which |s configured to light up or display a static, scrdllihg, flashing and/or 
other message and/or signal to inform the fob 102 user that the transaction Is 
initiated (e g., fob is being inten-ogated). the fob is valid (e.gf., fob is authenticated), 
transaction is being processed, (e.g., fob account number is being read by RFID 

10 reader) and/or the transaction is accepted or denied (e.g.. transaction approved of 
disapproved). Such an optional feedback may or may not be accompanied by an 
audible indicator (or may present the audible indicator singly) for infomiing the fob 
102 user of the transaction status. The audible feedback may be a simple tone, 
multiple tones, musical indicator, and/or voice indicator configured to signify when 

16 the fob 102 is being iritenrogated, the transaction status, or the like. 

RFID antenna 106 may be in communication vnth a ti^ansponder 306 for 
transn^tting an inten^ogation signal and receiving at least one of an authentication 
request signal and/or an account data from fob 102. Transponder 306 may be of 
similar description as transponder 114 of FIG. 2. In particular, transponder 306 may 

20 be configured to send and/or receive RF signals in a fonmat compatible vwth antenna 

202 in similai" manner as was described with respect to fob transponder 114. For 

example, where transponder 306 is 13.56 MHz RF rated antenna 202 niay be 13.56 

MHz compatible. Similarly^ where transponder 306 is ISO/IEC 14443 rated, 

antenna 106 may be ISO/IEC 14443 compatible. 
25 RF module 302 may Include, for example, transponder 306 in communication 

with authentication drojitry 308 which may be In communication wnth a secure 
database 310. Authentication circuitry 308 and database 310 may be of similar 
description and operation as described with respect to authentication circuitry 210 
and secure memory database 21 2 of FIG. 2. For Ofcample, database 31 0 may store 
30 data con-esponding to tiie fob 102 which are authorized to transact business over 
system 100. Database 310 may additionally store RFID. reader 104 Identifying 
information for providing to fob 102 for use in authenticating whether fRFID reader 
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' 104 is authorized to be provided the fob account nunnb6r stored on fob database 
214. 

Authentication circuitry 308 may be of similar description and operation as 
. authentication drcuitry 210. That is< authentication circuitry 308 may be configured 
5 to authenticate the signal provided by fob 102 in sinralar manner that authentication 
■■ dreuiiry 210 may be configured to authenticate the signal provided by RFID reader 
104. As is described mdre fully below, fob 102 and RFID reader 104 engage in 
mutual authentication. In this context, "mutual authentication" may mean that 
operation of the system 100 may not take place until fob 102 authenticates the 
1 0 signal from RFID reader 1 04, and RFID reader 1 04 authenticates the signal from fob 
102. 

Fig. 4 is a flowchart of an exemplary authentication process in accordance 
with the present Invention. The authentication process is depicted as one-sided. 
That is. the flowchart depicts the process of the RFID reader 104 authenticaUng the 

15 fob 102. although similar steps may be followed in the instance that fob 102 
authenticates RFID reader 104. 

As noted, database 212 may store security keys for encrypUng or decrypting 
signals received from RFID reader 104. In an. exemplary authenticaUon process, 
where RFID reader 104 is authenticating fob 102. RFID reader 104 may provide an 

20 interrogaUon signal to fob 102 (step 402). The interrogation signal may Indude a 
random code generated by the RFID reader authenUcafion drcuit 210. which is 
. provided to the fob 102 and which is encrypted using an unique encrypUon key 
corresponding to the fob 102 unique identification code. For example, the 
protocol/sequence controller 314 itiay provide a command to activate the 

as authentication drcuitry 308. Authentication drcuitry 308 may provide from database 
310 a fob inten-ogation signal including a randprn number as a part of the 
authentication code generated for each authentication signal. The authentlcaOon 
code may be an alphanunneric code which is recognizable (e.g.. readable) by the 
RFID reader 104 and the fob 102. The authentication code rrtay be provided to the 

30 fob 102 via the FIFID RF. interface 306 and ahtenna 106 (or alternatively ahtenna 
108). 

Fob 1 02 receives the interrogation signal (step 404). The inten^ogatlon signal 
Induding the authorization code tnay be received at the RF interface 114 via 

16 
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. antenna 202. Oiice the fob 102 is activated, the inten-ogation signal including the 
authorization code may be provided to the modulator/deitiodulatbr circuit 206 where 
the signal may be demodulated prior to providing the signal to protocol/sequence 
controller. 208. Protocol/sequence controller 208 may recognize the interrogation 
5 signal as a request for authentication of the fob 1 02, and provide the authentication 
code tib authentication arcuit 210. the fob 102 may then eiicrypt the authentication 
code (step 406). In particular, encryption may be done by authenticaHon circuit 210. 
w/hich may receive the authentication code and encrypt the code prior to providing 
. the encrypted authentication code to protocol/sequence controller 208. Fob 102 
10 may then provide the encrypted authentication code to the RFID reader 104 (step 
408). That is, the encrypted authentication code may be provided to the RFID 
reader 104 via modulator/demodulator circuit 206, RF Interface 114 (e.g., 
transponder 114) and antenna 202. 

RFID reader 104 may then receive the encrypted authentication code and 
5 decryption it (step 410). That is, the encrypted authentication code may be received 
dt antenna 106 and RF interfade 306 and may be provided to authentication drcuit 
308. Authentication drduit 308 may be provided a security authentication key {e.g., 
transponder system decryption key) from database 310. The authentication drcuit 
may use the authentication k6y to decrypt (e.g.. unlock) the encrypted authorization 
> cbde. The authentication key may be provided to the authentication drcuit based on 
the fob 102 unique identification cbde. For example, the encrypted authentication 
code may be provided along with the unique fob 102 Identification code. The 
authentication drcuit may receive the fob 102 unique identification code and retrieve 
from Uie database 310 a transponder s^tem decryption key con-elative to th6 
unique fob 1 02 identification code for use in decrypting the encrypted authentication 
code. : 

Once the guthentication code Is decrypted, the decrypted auUientication code 
is compared to the auttientication code provided by the RFID reader 104 at step 402 
(step 412) to verify its authentidty. If the decrypted authorization code is not 
readable (e.g., recognizable) by the authentication drcuit 306, ttie fob 102 is 
deemed to be unauthorized (e.g., unverified) (step 416) and ttie operation of system 
100 is terminated (step 418). Contirarily. if Uie dedrypted authorization code is 
recognizable (e.g., yerifiied) by the fob, 102, the decrypted authorization code is 

17 
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deemed to be authenticated (step 412), and the transaction is allowed to proceed 
(step 414). In one particular embodirnent, the proceeding transaction nnay mean 
that the fob 102 may authenticate the RFID reader 104, although, it should be 
apparent that the RFID reader 104 may authenticate the fob 102 prior to the fob 102 
.5 authenticating the RFID reader 104* 

It should be ndted that in an exenfiplalryyerificdtiG^ process^ the authdrizatibn 
circuit 308 may determine whether the unlocked authorization code is identical to 
the authorization code provided in step 402. If the codes are not identical then the 
fob 1 02 is not authorized to access system 100. Although, the verification process 
10 is described with respect to identicality, identicality is not required. For example, 
authentication circuit 308 may verify the decrypted code through any pi'dtocol,. steps, 
or process for defermihing whether the decrypted code corre3f)onds to an 
authorized fob 102. 

Authentication circuitry 308 may additionally be in communication with a 
15 protocol/sequence controller 314 of similar operation and description as 
protocol/sequence controller 208 of FIG. 2. That is, protocol/sequence device 
controller 314 may be configured to determine the order of operation of the RFID 
reader 104 components. For example, FIG. 5 illustrates and exenrplary dedsion 
process under which protocol/sequence controller 314 mdy operate. 
20 Protocol/sequence controller 31 4 may command the different components of RFID 
reader 104 based on whether a fob 102 is present (step 502). For example, if a fob 
.102 is not present, then protocol/sequence controller 314 nnay command the RFID 
reader 104 to provide an uninterrupted inten^gation signal (step 504). That is, the 
. protocol/sequence controller may command the authentication circuit 308 to provide 

ft 

25 an uninterrupted intenrogation signal until the presence of a fob 102 is realized. If a 
fob 102 is present, the protocol/sequence controller 314 may command the RFID 
reader 104 to authenticate the fob 102 (step 506). 

As noted above, authentication may rhean that the protocol/sequence 
controller 314 may command the authentication drcuit 308 to provide fob 102 v\/ith 

30 an authorization code. If a respOhSd is received from fob 102, protdcot/sequence 
controller may dietermine if the response is a response to the RFID reader 104 
provided authentication code, or if the response is a signal requiring authentication 

(step 508). If the signal requires auth^^^ the protocol/sequence 

'"*" " '., . .... .-' 
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cdhtroller 314 may activate the authwiticaitidn drcuit ais described above (step 506). 
On the other hand, if the fob 1 02 signal is a response to the provided authentication 
code, then the protocol/sequence controller 314 nray comnrand the RFID reader 
104 to retrieve the appropriate security key for enabling recognition of the signal 
5 (step 510). that IS, the . protbool/se(|uence controller 314 may command the 
authehticatibn drcuit 308 to retrieve from database 310 a isecUrity key (e.g., 
transponder system decryption key),, unlock the signal, arid conrH>a~re the signal to 
the signal provided by the RFID reader 104 in the authentication process (e.g., step 
506). If the signal is recognized, the protocol/sequence controller 314 may 
10 detennine that the fob 102 is authorized to access the system 100. If the signal is 
not recognized, then the fob is considered not authorized. In which case, the 
protocol/sequence controller 314 may command the RFID contrdler to interrogate 

for authorized fobs (step 504). 

Once the protocol/sequence cbntroller determines that the fob 102 Is 
15 authorized, the protocol/sequence controller 314 may seek to determine if additional 
signals are being sent by fob 102 (step 514). If no additional signal is provided by 
fob 102, then the protocd/sequence contrdler 314 may provide all the components 
of RFID reader 104 to remain idle until such time as a signal is provided (step 516). 
Contrarily, where an additional fob 102 signal is provided, the protocol/sequence 
20 contrdler 314 may determine if the fob 102 is requesting access to the nierchant 
point of sale terminal 110 (e.g., POS device) or if the fob 102 is attempting to 
intOTogate the RFID reader 104 for return (e.g., mutual) authorization (step 518). 
Where the fob 102 Is requesting access to a merchant point of sale terminal 110, 
the protocol/sequence coritrdler 314 may command the RFID reader to open 
25 qommunlcations with the pdnt of sale temfilnal 110 (step 524). In particular, the 
protocol/sequence contrdler may command the pdnt of sale terminal 
communications interface 31 2 to become active, permitting ti^ansfer of data between 
the RFID reader 104 and Uie merchant pdnt (tf sale terminal 110, 

On the ottier hand, If the protocol/sequence controller deteohines that the fob 

• ■ > * > 

30 102 signal Is a mutual Irttertogation signal, then the protocol/sequence contrdler 
may command the RFID reader 104 io encrypt the signal (step 520). The 
protocol/sequence contrdler 314 may command the encryption authentication drcuit 
318 to retrieve from database 32p the. appropriate encryption key in response to the 
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fob 102 mutual interrogation signal, the protocol/sequence cbntrdller 314 may then 

command the RFID reader 104 to provide the encrypted mutual interrogation signal 

* 

to the fob 102. The protocol/sequence controller 314 may command the 
authentication drcuit 31 8 to provide an encrypted mutual iriten-ogation signal for the 
5 fob 102 to mutually authenticate. Fob 102 may then receive the encrypted mutual 
interrogation signal and retrieve from authentication drcuitry 212 a RFID reader 
decryption key. 

Although an exemplary decision process of protocol/sequence controller 314 
is described, it should be understood that a similar dedsion process may be 
10 undertaken by protocol/seiquence controller 208 in controlling the components of fob 
102. Indeed, as described above, protocol/sequence contrdler 314 may have 
; similar operation and design as protocol/sequence controller 208. In addition, to the 
above, protocol/sequence controllers 208 and 314 may incorporate in the dedsion 
process appropriate commands. for enabling USB interfaces 222 and 316, when the 
1 5 corresponding device is so connected. 

Encryption/decryption component 318 may be further in communication with 
a secure account number database 320 which stores the security keys necessary 
for decrypting the encrypted fob account number. Upon appropriate request from 
protocol/sequence controller 314, encryption/decryption component {e.g., drcuitry 
20 318) may retrieve the appropriate security key, decrypt the fob account number and 
forward the decrypted account number to protocol sequence controller 314 in any 
format readable by any later connected POS device 110. In one exempfary 
; iBnA>odiment, the account number may be forwarded in a conventional magnetic 

* • • 

stripe format compatible with the ISO/IEC 7813 standard. Upon recei\^ng the 
is aiDCOunt number In magnetic stripe format, protocol/sequence controller 314 may 
fonrard the account number to POS device 1 10 via a communications interface 312 
and data link 122, as best shown in Figure 1. POS device 110 may receive the 
decrypted account number and forward the magnetic stripe forrriatted account 
number to a merchant network 1 12 for processing under the merchant's businiess as 
30 usual standard. In this way, the present invention eliminates the need of a third- 
,party server. Further, where the POS device 110 receives a riesponse from network 
112 (e,g., transaction authorized or denied), protocol/sequence controller 314 may 

■ 

20 
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provide the netwdrk response to the RF module 302 for optically ahd/dr audibly 
communicating the response to the fob 102 user, 

RFID reader 104 may additionally include a USB interface 316. in 
communication with the protocol/sequence cdntroller 314. In one embodiment, the 

5 USB interface may be a RS22 serial data interface. Alternatively, the RFID reader 
104 may include a serial interface such as. for exannple, a RS232 interface in 
communication with the protocol/sequence controller 314. The USB connector 316 
may be in communication with a personalization system 116 (shown in FIG. 1B) for 
initializing RFID reader 104 to system 100 application parameters. That is, prior to 

10 operation of system 100, RFID reader 104 may be in communication with 
personalization system 116 for populating database 310 with a listing of security 
keys belonging to authorized fobs 102, and for populating database 320 with the 
security keys to decrypt the fob 102 account numbers placing the account numbers 
in ISO/IEC 7813 format. In this way. RFID reader 104 may be populated with a 

15 unique identifier (e.g., serial number) which may be used by fob authentication 
circuitry 210 to detemnjne if RFID reader 104 is authorized to receive a fob 102 
encrypted account number. 

■ > • » ■ 

FIG. I B illustrates an exemplary personalization system lOOB, in accordance 
with the present invention. In general, typical personalization system 100B may be 

20 any system for Initializing the RFID reader 104 and fob 102 for use in system 100A. 
With reference to FIG. IB. the similar personalization process for fob 102 may be 
. illustrated. For example, personalization system 1 16 may be in communication with 
fob 102 via RF ISO 14443 interface 114 for populating fob database 212 vAih the 
security keys for facilitating authentication of the unique RFID reader 104 identifier. 

25 In addition, personalization siystem 1 16 may populate on database 212 a unique fob 
102 Identifier for use by RFID reader 104 in detennining whether fob 102 is 
authorized to access system 100. Personalization system 116 may populate (e.g., 
inject) the encrypted fob 102 account number into fob database 214 for later 

• ' * 

pro>rtding to an authenticated RFID reader 104. 
30 In one exemplary embodiment, personalization system 1 1 6 may include any 

standard computing system as described above. For exanple, personalization 
system 116 may indude a standard personal computer containing a hardvy/are 
security module operable using any conventional graphic user interface. Prior to 
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* 

populating the security key information account number and unique identifying 
information into the fob 102 or RFID reader 104, the hardware security modulemay 
authenticate the fob 102 and RFID reader 104 to verify that the components are 
authorized to receive the secure information. 

.5 FIGS. 6A-B illustrate an exemplary flowchart of a personalization procedure 

vWifch may be used to personalize fob 102 and/or RFID reader 104. Although tite 
following description discusses mainly personalization of fob 102, RFID reader 104 
may be personalized using a similar process. The personalization process, which 
occurs between the personalization system 116 and the device to be personalized 

10 {e.g., fob 102 or RFID reader 104), may begin, for example at step 602. Mutual 
authentication may occur between the personalization system 116 and the device to 
be authenticated in much the same manner as was described above with regard to 
fob 102 rruitually authenticating with RFID reader 104. That is, personalization 
system 116 may transmit a personalization system 116 identifier to the device to be 

15 authenticated which is compared by the device authentication circuitry 210. 308 
against personalization system identifiers stored in the device database 212, 310. 
Where a match does hot occur (step 604), the personalization process may be 
aborted (step 612). Where a match occurs (step 604), the personalizatioh system 
rnay prepare a personalization file to be provided to the device to be personalized 

20 (step 606). If the personalization system is operated manually, the personalization 
file may be entered into the personalization system 116 using any suitable system 
interface such as, for example, a keyboard (step 606). Where the personalization 
system 116 operator elects to delay the preparation of the personalization files, the 
system 116 may abort the personalization process (step 610). In this context, the 

25 personalization file may include the unique fob 102 or RFID reader 104 identifier, 
security key for loading into database 212 and 310, and/or security keys for 
decrypting a fob account number which way be loaded in database 320. 

Fob 102 may be personalized By direct connection to the personalizaBon 
system 116 via RF ISO/IEC 14443 interface 114, or the fob 102 may be 

■ 

30 personalized using RFID reader 104. PensOnalization system 116 and RFID reader 
104 may engage in mutual authentication and RFID reader 104 may be configured 
to transmit the fob personalization file to fob 102 via RF. Once the fob 102 is 
presented to RFID reader 104 (steps 608, 614) for personalization, .fob 102 and . 

22 
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RFID reader 104 may engage in rhutual authentication (step 614). Where the fob 
102 is not presented to the RFID reader 104 for personalization, the personalization 
process may be aborted (step 610). 

If the fob 102 is. detected, the personalization system 116 may create as a 
5 part of the personalization file, a unique Identifier for providing to the fob 102 (step 
616). the idiehtifier is unique in that one identifier may be giv^n only to a single fob. 

. ^ ' ' • 

That is, no other fob may have that same Identifier. The fob may then be configured 
and loaded with that identifier (step 61 6). 

The encrypted fob 102 account number may be populated into fob 102 in the 
10 same manner as is described with respect to the fob 102 unique identifier. That is, 
personalization system 116 may pre-encrypt the account data (step 640) and inject 
the encrypted account into fob database 214. (step 622). The encrypted account 
data may be loaded (e.g., injected) into the fob 102 tising RFID reader 104 as 
discussed above. 

15 Once the personalization file is populated into the fob 102, the populated 

information is irreversibly lockied to prisvent alteration, unauthorized reading and/or 
unauthorized access (step 624). Persbnalizatiori system 116 may then create a log 
of the personalization file information for later access arid analysis by the 
personalization jsystem 116 user (step 626). 

20 It should be noted that in the event the personalization system 116 process is 

compromised or intenupted (step 628); the personalization system may send a 
security alert to the user (step 630) and the personalization process may be aborted 
(step 612). On the other hand, where no such compromising or Interruption exists. 
. the personalization system may be prepared to begin initialization on a second 

26 device to be personalized (step 632). 

FIGS. 7A^B illustrate another exemplary embodiment of a personalization 
process which may be used to personalize RFID reader 104. RFID reader 104 may 
be in communication with a piersonalization system 116 via RFID reader USB 
connection 316 (step 702). Once connected, personalization system 116 may 

30 establish comnriurilcations with the RFID rfeader 104 and RFID reader 104 may 

* . • * - 

provide personalization system 116 any RFID reader 104 identification data 
presently stored on the RFID reader 104 (step 704). In accordance with step 708. 
where the RFID reader 104 is being personialized for the first tirne (step 706) the 
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RFID reader .104 and the personalization system 116 may engage in mutual 
authentication, as described above \An'th respect to FIGS. 6A-B. After the mutual 
authentication is complete, personalization system 116 may verify that RFID reader 
104 is property manufactured or configured to operate within system 100. The 
5 verifrcation may include evaluating the operation of the RFID reader 104 by 
determining if the RFID reader will accept predetermined default settings. That is, 
the personalization system .116 may then provide the RFID reader 104 a set of 
default settings (step 708) and delennine if the RFID reader 104 accepts those 
settings (step 712). If RFID reader 104 does not accept the default settings. 

10 personalization system 116 may abort the personalization process (step 714). 

if the personalization system 1 1 6 determines that the personalization process 
is not the first personalization process undertaken by the RFID reader 104 (step 
706), personalization system 116 and RFID reader 104 may engage in a mutual 
authentication process using the existing security keys already stored on RFID 

15 reader 104 (step 710). If authentication is unsuccessful (step 712), the 
personalization system may abort the personalization process (step 714). 

Where the personalization system 116 and the RFID reader 104 successfully 
mutually authenticate, the personalization system 116 may update the PtF\D reader 
104 security keys (step 716). Updjating the security keys may take place at any time 

20 as determined by a system 100 nranager. The updating may take place as part of a 
routine maintenance or merely to install current security key data. The updating 
may be performed by downloading firmware into RFID reader 1 04 (step 718). In the 
event that the personalization system determines in step 706 that the RFID reader 
104 Is undergoing an initial personalization, the firmware may b& loaded into the 

25 RFID reader 104 for the first time. In this context, 'firmware" may include any file 
which enables the RFID reader 102 to operate under system 100 guidelines. For 
example, such guidelines may be directed toward the operation of RFID reader 
protocol/sequence controller 314. 

Personalization system 116 may then determine if the personalization keys 

■ . • ' . • ' . • 

30 : (e.g., security kqys, decryption keys, RFID Identifier) need to be updated or if the 
RFiD reader 104 needs to have an initial installation of. the personalization keys 
(step 720). If so. then personalization system 116 may download the 
;personallzation keys as appropriate (step 722), 

24 • 



wo 03/007623 PCTAJS02/21903 

Personalization system 116 may theiri check the RFID reader 104 to 
determine if the fob 102 identifiers and corresponding security keys should be 
updated or Initially loaded (step 724): If no updaitlng is necessary the 
personalization system may end the personalization procedure (step 732)^ 
5 Contrarily^ If the personalization system 116 determines that the fob 102 identifiers 
and corriespondlhg k6ys need to be updated or installed* the persohalizalion system 
may download the information onto RFID reader 104 (step 726). The information 
(e.g., fob security keys and identifiers) may be downloaded in an encrypted fomnat 
and the RFID reader 104 may store the information in the RFID reader database 
10 310 as appropriate (step 728), The personalization system may then create or 
update a status log cataloging for later use and analysis by the personalization 
system 116 user (step 730). Upon updating the status log, the personalization 
process may be tenrtnated (step 732). 

It should be noted that, in some instances it may be necessary to 
15 repersbnalize the RFID reader in similar rinanner as described above. In that 
instance, the personalization method described in FIGS. 7A and 7B may be 
repeated. 

FIG. 8 illustrates an exemplary flow diagram for the operation of system 
100A. The operation may be understood with reference to FIG. 1A, which depicts '' 

20 the elements of system 100A which may be used in an exemplary transaction. The 
process is initiated when a customer desires to present a fob 102 for payment (step 
802). Upon presentation of the fob 102, the merchant initiates the RF payment 
procedure via an RFtD reader 104 (step 804). In particular, the RFID reader sends 
out an intenrogation signal to scan for the presence of fob 102 (step 806). The RF 

25 signal may be provided ^da the RFID reader antenna 106 or optionally via an 

• » 

external antenna 108. The customer theri nriay present the fob 102 for payment 
(step 808) and the fob 1 02 Is activated by the RF interrogation signal provided. 

The fob 102 and the RFID reader 104 may then engage in mutual 
. authentication (step 810). Where the mutual authentication is unsuccessful, an 
30 error message may be provided to the customer via the RFID optical and/or audible 
indicator (step 814) and the transaction may be aborted (step 816). Where the 
mutual authentication is successful (step 814), the RFID reader. 104 may provide the 
- jcustomer with an appfopriate optical and/or audible message (e.g., "transaction 

w * 

25 
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processing" or ^vait") (step 818). The fob protocdl/sequence controller 208 may 
then retrieve from database 214 an encrypted fob account number and provide the 
encrypted account number to the RFID reader 1 04 (step 820). 

The RFID reader 104 may then decrypt the account number and convert the 
5 account number ifito magnetic stripe (ISO/IEC 7813) format (step 822) and provide 
the unencrypted account number to the rtierchaht system 130 (stiep 828). In 
particular, the account number may be provided to the POS 110 device for 
transmission to the merchant network 112 for processing under known business 
transaction standards. The POS device 110 may then send an optical and/or 

10 audible transaction status message to the RFID reader 104 (step 830) for 
communication to the customer (step 832). 

It should be noted that the trahsafction account associated with the fob 102 
rinay include a restriction, such as, for example, a per purchase, spending limit, a 
time of day use, a day of week use, certain merchant use and/or the like, wherein an 

15 additional verification Is required when using the fob outside of the restriction. The 
restrictions may be personally assigned by the fob 102 user, or the account 
provider. For example, in one exemplary err^ddiment, the account may be 

established such that purchases above $X {i.e., the spending limit) nrujst be verified 

■ • 

by the customer. Such verification may be provided using a suitable personal 
20 identification number (PIN) which may be recognized by the RFID reader 104 or a 
payment authorization center (not shown) as being unique to the fob 102 holder 
{e.g., customer) and the correlative fob 102 transaction account number. Where the 
requested purchase is above the established per purchase spending limit, the 
Customer may be required to provide, for example, a PIN, biometric sample and/or 
25 similar secondary verification to complete the transaction. 

Where a verification PIN is used as secondary verification the verification PIN 
may be checked for accuracy against a corroborating PIN which con-elates to the 
fob 102 transaction account number. The corroborating PIN inay be stored locally 
{e.g., on the fob 102, or on the RFID regder 104) or may be stored on a database 
30 {not shown) at the payment authorization center. The payment authorization center 
database may be any database maintained and operated by the fob 102 transaction 
account provider. . 

26 



W6 03/007623 PCTAJS02/21903 

The verification PIN may be provided to the POS device 110 using a 
conventional merchant (e.g., POS) PIN key pad 1 18 in communicalibn with the POS 
device 110 as shown in FIG. 1, or a RFID keypad in communication with the RFID 
reader 104. PIN keypad may be in communication with the POS device 110 (or 
5 alternatively, RFID reader 104) using any conventional data link described above. 
Upon receiving the verification PIN, the RFID reader 1 04 rray seek to match the PIN 
to the corroborating PIN stored on the RFID reader 104 at database 310 or 320. 
Alternatively, the verification PIN nnay be provided to a payment authorization center . 
to determine whether the PIN matches the PIN stored on the payment authorization 
10 center database which correlates to the fob 102 account. If a match is made, the 
purchase may no longer be restricted, and the transaction may be allowed to be 
completed. 

in an alternate embodiment, verification of purchases exceeding the 
established spending limit may involve biometrics circuitry included in fob 102. FIG. 

.15 9 is a schematic block diagram of an exemplary fob 102 wherein fob 102 includes a 
biometric security system 902. Biometric security system 902 may include a 
biometric sensor 904 for sensing the fingerprint of the fob 102 user. The biometric 
serisor 902 may be in comrmintcgtion with a sensor interface/driver 906 for receiving 
the sensor fingerprint and activating the operation of fob 102. In communication 

20 with the biometric sensor 904 and sensor interface 906 may be a battery 903 for 
providing the necessary power for operation of the biometric security system 
components. 

In one exemplary application of the fob 102 including the biometric security 
system 902, the customer may place his finger oh the biometric sensor to initiate the 
25 mutual authentication process between the fob 102 and the RFID reader 104, or to 
provide secondary verification of the user's identity. The sensor fingerprint may be 
digitized and compared against a digitized fingerprint stored in a database (e.g., 

• * - . 

security database 212) included on fob 102. Such comparison step may be 

. cbntrolied by protocol/sequence controller 208. and may be validated by 

• • ■ ■ " . • . * . ' ■ • • 

30 authentication drcuit 210. Where such verification is made, the mutual 
authentication between fob 102 and RFID reader 104 may begin, and the 
U^nsaction may proceed accordingly. Alternatively, the comparison may be made 
. . with a digitized fingerprint stored on. g database nriaintained by the,;fob 1Q2 

27 
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transaction account provider system (not shown). The digitized fingerprint may be 
verified in much the same way as is described above with respect to the PIN. 

In one exemplary application of the fob 102 induding the biometric security 
system 902. the system 902 may be used to authorize a purchase exceeding the 
5 established per purchase spending limit. In this case, where the customer's 
intended purchase exceeds the spending, lintit, the customer ntay be asked to 
provide assurance that the purchase is authorized. Accordingly, the customer may 
provide such verification by pladng his finger over the biometric sensor 904. The 
biometric sensor .904 niay then digitize the fingerprint and provide the digitized 

iO fingerprint for verification as described above. Once verified, fob 102 may provide a 
transaction authorized signal to RF transponder 202 (or alternatively to transponder 
220) for forwarding to RFID reader 104. RFID reader 104 may then provide the 
transaction authorized signal to the POS device 110 in sirhilar manner as is done 
vvith convention PIN driven systems and the POS device 110 may process the 
, 15 transaction under the merchant's business as usual standard. 

The preceding detailed description of exemplary embodiments of the 
invention makes reference to the accompanying drawings, which show the 
exemplary embodiment by way of illustration. While these exeniplary embodiments 
are described in suffident detail to enable those skilled in the art to practice the 

20 invention, it should be understood that other embodiments may be realized and that 
lojgical and mechanical changes may be rtiade without departing from the spirit and 
scope of the invention. Thus, the preceding detailed description Is presented for 
purposes of illustration only and not of limitation, and the scope of the invention is 
defined solely by the apperided dalms and their legal equivalents vyhen pfoperiy 

25 read in light of the preceding description. For example, the steps redted In any of 
the method or process dalnis may be executed in any order and are not limited to 
the order presented. 
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Claims 

Wedaim: 

5 1. A trahspondeMeader payment system cdmpri^^^ 

a. a Radio Frequency Identification (RFID) reader operable tb providiB a 
radio frequency (RF) interrogation signal for powering a transponder system, 
receiving a transponder system RF signal, and communicating a transponder 
system, account data related to said transponder system RF signal to a merchant 

1 0 system, said RFID reader including, 

I, • a first interrogator for providing a first RF interrogation signal; 

IK a RFID authentication circuit in communication with said 

■ 

interrogator; 

iii. a RFID database, in communication with said RFID 

» 

. 15 authentication circuit; 

iv, a universal serial bus (USB) interface; and 

V. a RFID protocol/sequence controller In communication with at 
least one of said first interrogator, said RFID authentication drcuit, said RFID 
database, and siaid USB interface, said RFID protocol/sequence controller 
20 configured to facilitate control of the order of operation of said inten-ogator, said 
RFID authentication drcuit, said RFID database, and said USB interface. 

2. A system according to claim 1 further comprising: 

a. a transponder system operable to receive said first RF interrogation 
25 signal, authenticate said first RF interrogation signal, and transmit said transponder 
. system account data, said transponder system cornprising a 

I . a first transponder responsive to said RF inten^ogation signal ; 

ii. a second transponder responsive to a second RF interrogation 
signal, said first RF inten-ogation signal different Uom said second RF intenrogation 

• « 

30 signal; 

iii. a transponder system authentication circuit in conrimunication 
with at least one of said first transponder and said second transponder; and 

29 
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* « 

IV. a transponder system database in cbmmuriication with said 
transponder system authentication circuit. 

3, A system according to claim 2, v^erein said transponder system further 

5 indudiBs: 

a. . a transponder systeni USB Interface; and 

b. a transporider system protocol/sequence contrdlier iri communication 
with at least one of said first transponder, said second transponder, said 
transponder system USB interface, said transponder system authentication drcuit, 

1 0 and said transponder system database, said transponder system protocol/sequence 
controller corlfigured to control the order pf operation of said first transponder, said 
second transponder, said . transponder system authentication circuit, said 
transponder system database, and said transponder system USB interface. 

■ 

15 4. A system according to daim 1 , wherein said RFID reader further indudes: 

a. a second inten-bgator, said second InterroQatbr operable to send a 

second RF interrogation signal; and 

b. a RFID communications interface configured to communicate with a 
merchant system, said communications interface operable to provide said 

. 20 transponder s^tem account data. 

5. A system according to daim 4, wherein said RFID reader further indudes a 
first antenna in conmnunication with said first Interrogator and a second antenna in 

' * * ■ * * 

communication with said second Inten-ogator, wherein said first antenna is operable 
25 to provide said first RF Interrogation signal to said first transponder and said second 
interrogator is operable to provide said second RF Interrogation signal to said 
second transponder. 

6. A system according to claim 1, wherein said RFID reader further conprises 
30 at least one of a universal serial bus (USB) ahd a serial interface. 

7. A system according to daim 1, wherein said RFID database is operable to 
store at leas|t one of a RFID reader identif^ng data, a transponder system 

30 
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decryption security key. a RFID reader encryption security key, an transponder 
authentication key and a transponder system personal identifidation nurrber (PIN). 

8. A system according to daim 5, wherein said RFID reader further comprises 
5 al least one of a RFID intemal antenna, and a RFID external antenna, said RFID 

. . - ■ , ■ • . , • 

intemal antenna aiid said RFID external antenna configured to provide at least one 

■ 

of said first RF interrogation signal and said second RF interrogation signal. 

9. A system according to claim 2, wherein said transponder system further 
10 comprises at least one of a first transponder system antenna and a second 

transponder system antenna, said first transponder system antenna configured to 
receive said first RF interrogation signal,, and said second transponder system 
. antenna configured to receive said second RF interrogation signal. 

• . . * • 

15 16. A system according to daim 3, wherein said transponder system 
protocol/sequence controller Is responsive to at least one of said first RF 
Inten-ogatlon signal and said second RF Inten-c^ation signal, said transponder 
protocol/sequence controller controlling the sequence of operation at least one of 
said transponder system authentication drcuit, said transponder system database, 

20 and said transponder system USB interface in response to at least one of said first 
RF interrogation signal and said second RF interrogation signal. 

11. A system according to daim 3, wherein said transponder system 
protocol/sequence controller Is configured to activate said transponder system 

25 authentication drcuit In response to said first RF interrogaUon signal, said 
transponder system authenticating drcuit configured to provide an encrypted RF 
Interrogation signal, said transponder system authentication drcuit configured to 
provide said encrypted RF inten-ogation signal to said first transponder for providing 
td said RFID reader. 

30 \ - . ■ 

■ • • . ' 

12. A system according to dairn 11, wherein said RFID reader is configured to 
receive said encrypted RF intenrogation signal, said transponder system 

31 
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protocol/sequence controller activating said transponder system, authentication 
circuit in response to said encrypted RF inten^ogalion signal. 

1 3. A system accdrding to daim 1 2, wherein said RFID database is configured to 
5 provide a transponder system decryption key to said RFID authenUcalidn. circuit In 

response to said encrypted RF Inten^ogatlon signal, said transponder system 
decryption key for use in decrypting said encrypted RF interrogation signal, 
providing a decrypted RF inten-ogation signal, said transponder system decryptidn 
key provided to said reader based on an unique transponder idientification code. 

10 

14. A system according to claim 13, wherein said RFID authentication circuit is 
configured to compare said decrypted RF intfen-ogation signal and said RF 
Interrogation signal to determine whether a match exists. 

15 15. A system according to daim 14, v\^erein said RFID protocol/sequence 
controller is configured to activate at least one of said USB interface and said RFID 
cornmunication interface v»/here said RFID authentication drcult matches said 
decrypted RF inten-ogation signal and said RF inten-ogation signal . 

20 16. A system according to daim 15. wherein said transponder system 
protocol/sequence controller activates said transponder system authentication 
circuit in response to at least one of said first RF inten-pgation signal and said 
second RF interrogation signal. 

■ * . • 

25 17. A claim according to daim 16, wherein said transponder system 
authentication drcult. is configured to pfoyide a transponder authentication code to 

♦ 

at least one of said first transponder and said second transponder for providing to 
said RFID reader. 

30 18. A system according to daim 17, wherein said RFID reader is configured to 
receive said transponder authentication code, said RFID protocpl/sequence 
controller activating said RFID authentication drcult in response to said transponder 

...„.,.../ • - • :■ •■ _\ ' 

• ■ 
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authentication code, said RiFID authentication drcuit configure to encrypt said 
transponder authentication code. 

19. A system according to daim 18, wherein said RFID reiader is configured to 
5 provide said encrypted authentication code to said transponder system. 

20. A system according to daim 1 9, wherein said transponder system database 
is operable to store at least one of a transponder system identification data, a RFID 
reader decryption security key, a transponder system account data. 

10 

21 • A system according to daim 20. wherein said transponder system database 
is configured to provide said RFID reader diecryptibn security key to said 
transponder system authentication drcuit in response to said encrypted 
authentication code, said RFID reader decryption key for use in decrypting said 
15 encrypted transponder authentication code, providing a. decrypted transponder 
authentication code. 

22. A system according to daim 21, wherein said transponder system 
authentication drcuit is configured to compare said decrypted transponder 

20 aiuthentication code and said transponder authentication code to deternrane if a 
match exists. 

23. A system according to daim 22, wherein said account data is in nfiagnetic 
sitripe fomnat. 

24. A system according to daim 23, wherein said trarisponder system transaction 
account data is pre-encrypted. 

25. A system according to daim 24, wherein, said transponder system database 
30 is configured to provide said pre-encrypted transponder system account data to said 

RFID reader where said transponder system authentication circuit matches said 
decrypted transponder authentication code and said transponder authentication 
•Code.' 
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26. A system according to dairn 25, wtiereiri said RFID communications interface 
is configured to provide said transponder system PIN and said pre-encrypted 

. transponder system account data where said transponder authentication code 
5 matches said decrypted transponder authentication code, and said decrypted RF 
interrogation signal matches 3aid RF iriterrogatio^^ 

27. A system according to daim 26, wherein said transponder system further 
comprises a switch, said switch operable to enable or disable operation of said 

.10 transponder system. 

28. A system according to dairh 27, wherein said switch is configured to place 
the transponder system in at least one of a selectivity mode and an indusivity mode. 

15 29. A system according to daim 27, wherein said switch is mechanical. 

30. A system according to daim 27, wherein said switch is configured to respond 
to a logic drcuit. 

20 31. A system according to claim 2, wherein said transponder systenr) further 
indudes an internal power source. 

, 32. A system according to daim 31, wherein said switch is in communication with 
said internal power source, said switch responsive to said internal power source. 

25 ■ ' ■■ ■ 

.33. A system according to daim 31, wherein said transponder system further 
indudes a biometric drcuit, said biometric drcuit in communication with said internal 
. . power source. 

30 34. A system accordirig to daim 27, wherein said $witdi is a biorrfetrlc drcuit, 
said biometric drcuit operable to enable or disenable operation of said transponder 
system. 

* . • < . ■ , 
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35. A system according to dalm 34. wherein said bidm6tric drcuit is configured to 
place said transponder system in one of a selectivity mode and an indusivity mode. 

36: A system according to daim 7, wherein said RFID reader includies a RFID 
5 PiN keypad, said RFID PIN keypad configured to receive said transponder PIN, said 
RFID reader configured to compare said transponder PIN to said received 
transponder PIN, said RFID reader op&riMe to provide at least one of said received 
transponder PIN, said transponder PIN, or a verification of said received 
transponder PIN, verification of received transponder PIN provided where said RFID 

* 

10 reader matches said transponder PIN to said received transponder PIN. 

37. A system according to daim 7, wherein said RFID reader is configured to 
provide said transponder PIN to a payment authorization center for verification of 
said transponder PIN. 

15 

38. A system according to claim 36, wherein said merchant system indudes a 
rtierchant system PIN keypad, said merchant system PIN keypad configured to , 
receive said transponder PIN from said merchant system PIN . keypad, said 
•rtierchant system configured to provide said transponder PIN to said payment 

20 authorization center for verification. 

39. A system according to daim 33, wherein said biometric drcuit is configured to 
provide a biometric data verification response, said biometric drcuit configured to 
provide said biometric data verification response to at least one of said RFID reader 

25 and said rflerchant system, wherein said biometric data verification resporise Is an 
identification verification data. 

40. A system according to daim 3, further comprising a personaHzation system 

operable to Initialize at least one of said transponder system and said RFID reader 

■ ■ '. ■ ' ■'" ■ 

30 to trahspondef-reader payment system parameters. 
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41 . A system according to dairii 40, wherein said personaliiatiori system is in RF 
communications with said transponder systerh using at least one of a USB 
connector and RF communications. 

'5 42. A system according to claim 41, wherein said personaiizatibn system is in 
eledrical communlcaitlons v^^th said RF^^ 

• * • 

43. A system according to daim 42, wherein said personalization system is 
operable to populate at least one of said RFID reader identifying data, transponder 

10 system decryption security key. RFID encryption security key, and transponder PIN 
on said RFID database. 

44. A system according to daim 43, v\rtierein said personalisation system Is 
operable to populate at least one of said transponder system identification data, a 

15 RFID reader decryption security key, a transponder encryption authentication 
security key, a transponder system transactional account data, and a transponder 
system authentication security key onto said transponder system database. 

45. A system according to claim 2, wherein said RFID reader is operable to 
20 initialize said transponder. 

46. A system according to daim 2, wherein said RFID reader Is In RF 
communication wiUi said transponder system, said . RFID reader operable to 
populate at least one of said transponder systerti identification data, a RFID reader 

25 deoyption security key, a transponder system transactional account data cjnto said 
transponder system database. 

■ 

47. A tiransponder-reader payment system comprising: . 

a transponder system operable 16 receive a first RF interrogation signal, and 
30 authenticate said first RF inten-ogation signal, said transponder system corr^rislrig: 

a. a first transponder responsive to said first RF interrogation signal ; and 

b. a second transponder responsive to a second RF Inlenrogation signal, 
, : said first RF interrogation signal ^different from said second RF.intenrpgation signal. 
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48. A system according to daim 47, wherein said transponder system further 
includes a transponder system USB Interface. 

■ • • • 

* * * ■ 

5 49. A system according to dalm 47, vvherein said transponder system further 
Includes a serial inteiface. 

50. A transponder-reader payment system comprising 

a transponder system operable to receive a first RF Interrogation signal and 
1 0 authenticate said first RF interrogation signal, said transponder system comprising a 
transponder system USB Interface. 

51 . A transponder-reader payment system comprising a RFID reader operable to 
provide at least a first Inten-ogator for providing a first interrogation signal and a 

1 5 second interrogator for providing a sficdnd Interrogation signal. 

52. A method of transponder-reader payment comprising the steps of; 

a. providing a transponder system, the transponder systern responsive to 
a plurality of intenrogation signals, the transponder system storing at least one of an 

20 account data, an account name, and account expiration date; and 

b. providing a RFID reader, said reader configured to provide at least one 

of the interrogation signals. 

* 

• • • 

53. A rnethod according to dalm 52 Jurther (»rtiprislrig the ste^ 
25 a. encrypting the transponder syistem account data; 

. b. Initializing the transponder system; 

c. Initializing the RFID reader; 

d. mutually authenticatlngthe RFID reader and the transponder system; 

e. providing the encrypted account data from the transponder system to 

^0 the RFID reader; 

f. decrypting the encrypted account data; and 

g. providing the decrypted account data to a merchant system. 

: . . . . . . • ■• . -1 • ■• • ■ ;■'•!•- ..• • \: ' .. . 

. : -r , • • ■ ■■-—...-».'..■•..■. • ■ . _ . ... , . .. 

. • • . ; . ■ . ■ • • . . — 

37 ;■ • 



wo 03/007623 PCT/lJS02y21903 

54. A method according to claim 53, wherein mutual authenticating includes the 
RFID reader authenticating the transponder system, and the transponder system 
authenticating the RFID reader. 

5 : 55. A method according to daim 54, wherein mutual authentication includes: 

a. providing an interrogation signal from the RFID reader to the 
transponder system; 

b. encrypting the intenrogation signal at the transponder system to form 
an encrypted authentication interrogation signal; 

;10 c. providing the encrypted authentication interrelation signal to the RFID 

reader; 

d. decrypting the encrypted authentication interrogation signal at the 
RFID reader, decrypting including using a transponder system decryption security 
key; 

.15 e. matching the interrogation signal to the decrypted Inten-ogation signal; 

f. providing an authorization code from the transponder system to the 
RFID reader; 

g. encrypting the authorization code at the RFID reader to form an 
encrypted authorization code; 

20 h. providing the encrypted authorization code to the transponder system; 

i. decrypting the encrypted authorization code at the transponder 
system, decrypting including using a RFID reader decryption security key. 

j. matching the authorization code to the decrypted authorization code. 

25 56. A method according to 55, where initializing the transponder systiem ihdudes 
populating at least one of a transponder system Identification data, a RFID reader 
decryption security key, a transponder system transactional data, and an encrypted 

transponder PIN onto a transponder system database. 

* • 

-•V . • . . 

30 57. A method according to daim 56, wherein initializing the RFID reader includes 
populating at least one of a RFID reader Identifying data, a transponder system 
decryption security key, a RFID encryption security key, and a transponder PIN onto 
; " a RFiP:database. " /. / : 
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68. A method according to daim 52, wherein initializing the RFID reader includes 
populating at least one of a RFID reader identifying data, a transponder system 
decryption security key, a RFID encryption key, and a transponder PIN onto a RFID 

5 database using a USB Interface. 

■ 

• 

59. A method according to claim 56, wherein initializing the transponder system 
includes populating at least one of a transponder system identiification date, a RFID 
reader decryption security key, and a transponder system transaction data using a 

10 USB Interface. 

60. A method according to dalm 52, wherein initialing the transponder system, 
includes initializing said transponder system using a RFID reader. 

■ * 

15 .61. A method according to claim 57, including using a switch to enable the 
transponder system, the switch consisting of at least one of a mechanical switch, a 
logic switch, and a biometric switch. 

62. A method according to daim 61, induding providing a secondary 
20 identification in response to a request from a merchant system. 
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(57) Abstract: A transporter-reader payment system includes a fob (102) including a transponder (114), .arid a KFlD reader (104) 
for interrogating the transponder (102). The system may fnrtho- include a personalization system (134) for populating onto the 
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RFID reader (104) may be personalized, the fob (102) may be presented to the RFID reader (104) for intenpgatlon^ the fob (102) 
and reader (104) may engage in mutual autbentkatioii, and fob (1Q2) identifying Information ipay bepiovided to the reader (104) for 
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origiual claims 1*^2 replaced by amended claims l'59 ipages 29-40)] 

. i. A traDsponder-ieader payment system comprising: 

a a Radio Ftegaency Identification (RI^) reader 
firequency (RP) interrogation signal for powoing a transponder system, receiving a 
transponder system RF signal, and commmucating a transponder system accotmt data related 
to said transponder system RF signal to a merchant systm, said RFID reader inclndtng, 

i afiistintetrogatorforpro^dingafetRFinteirogatiottsignat 
. ii a RFID authentication circmt in cdnimtniicatio^ 

UL a RFIE) database, in cammnnication with said RFID authentication 
circuit, said database operable to store at least one of a RFID reader identifying data,, a 
transponder system decryption security key, a RFID reader and encryption security key and a 
transponder authentication key; 

* 

17. at least one of a serial inter&ce and a unwersal serial bus (USB) 

intex&ce; and 

V. a RFID protocoyseguence controller in commimication with at 1 
one of said first interrogator,, said RFID authentication circuit, said RFID database, and said 
USB mterface, said RFID protocol/sequence controller configured to &cQitate conlrol of the 

■ 

order of operation of said interrogator, said RFID authentication circuit, said RFID database, 
and said USB inter&ce. 

2. A system according to claim 1 further con^rising: 

a a transpond^ system operable to recdve said first RF interrogation.si 
^thenticate said first RF interrogation sigoal, and transmit said transponder system account 
data, said transponder system con:9)xising: 

i . a first transponder re^onsive to said RF interrogation sigjoal; 

....... . - . . . _ . - • • . 

40 
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ii a fiisttraii^Qnder sy^teni anteim cdnfigoie^ 

intetrogadoB signal; 

iii asecoiidtraii^nderrespdiisiveto.asecondl^in 

. sdd first RF intarogatioa signal difteFent from said second RF interrogation signal; 

iv. a second transpond^ system antenna configured to xeceave said second 
RF interrogation system; . 

■ * 

Y. a transponder systeni auQientication circuit in coi^^ 
least one of said first transponder and said second transponder, and 

yi a transponder systein database in c6^^ 

. system authentication circuit 

3. A system according to claim 2, wherein said transponder system further includes: 

* 

£L a transponder system USB inter&ce; and 

b. a transponder system protocol/sequence controHer in communication with at 

• « ■ • 

least one of said first triaiisponder, said second transponder, said transponder system USB . 
interface, said transponder system authentication circuit, and said transponder system 
database, said transponder system protocol/sequence controller configtnred to control the 

■ " * • 

order of operation of said first transponder, said second transponder,, said transponder system 
!&1hientication circuit, said transponder system database, and said tran^onder system USB 
ioter&ce.' 

■ . : • 

4. A system apcoiding to claim 1 , wherem said RFlD reader fiitfiier inchides: 

a a second interrogator, said second intenrogator operable to send a second RF 
interrogation signal; and 

b. a RPIDconimnmicationsinter&ce configured to ci^ 
system, said communications internee operable to provide said transponder system account 

m 

data 

' * \ ^, " ' ,^ 
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5. A system according to daim 4, whereih saM RHD le^ 

^aiteiina jn commumcatLon with said fiist inteanrogator arid a second antenna in conmxunication 

* » • # 

Vfith said second inteupgator,. wherein said JBrst gntenna is operable to provide said first RF 
interrogation signal to said first transponder and said seKxxod interrogator is operable to 
provide said second RF interrogation signal to said second transponder. 

6. A system accordmg to claim 1 , wherein said RFID database is operable to store a 
transponder system personal identification nttmbe^ O^IN). 

7. A ^tem according to claim 5, wherein said RFID reader fiirther con^rises at least 
one of a RFE) internal antenna, and a RFID external iantenna, said RFID internal antenna and 
said RFID external antenna configured to provide at least one of said first RF interrogafion 
signal axtd said second RF nDiterrogation signal 

8. A system according to claim 3, wherein said transponder system protocol/sequence 
cbniroUer is responsive to at least one of said finst RF intbtrogation signal and said secoM RF 
interrogation signal, said transponder protocol/sequence coniroller controlling the seqaence 
of operation at least one of said transponder, system anthentication drcuit, said transponder 
system database, and said transponder system USB interface in response to at least one of 
said first RF interrogation signal and said second RF interrogation signal 

9. A system according to claim 3, ivherein said transponder system protoro^ 
coidroUer is configured to activate isaid transponder system aiAtheiitication circuit in response 
to said first RF interrogation signal, said transponder system aulhenticatmg drcuit configor^ 
to provide an end^pted RF interro^tion signal^ said transponder system anthenticajtion 

drcmt configured to provide said encrjpted RF interrogation signal to said first transponder 

■ 

• • • . 

for providing to said RFID reader. 

1 0. A system according to claim 9, wherein said RFID reader is configured to receive said 
encrypted RF interrogation signal, said transponder system protocol/sequence controller 
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• . ' ^ 

activatiiig said transponder system authentication drcoit in re^onse to said encrypted RF 
intcb:rogatioii signal 

11. A system according to daim 10, wherein said KPID database is configdred to provide 
a traiispbnder system decryptioiL key to said RFID aufhenticiatioii ctrcuit in response to said 
encrypted RP intocrogation signal, said transponder system decryption key fi>r use in 
decrypting said enorypted KP interrogation signal, providiag a decrypted RF inteirogation 
signal, said transponder system decryption key provided to said RFID reader based on an 
unique transponder identification cod& 

12. A system accordmg to daim 1 1, whereih said RFID authentication cncoit is 
configured to con^are said decrypted RF inteirogation signal and said RF interrogation 

• . ■ 

signal to detCTnine v?hether a match exists. 

13. A system according to daim.12, wherein said RFID protocol/sequence controller is 
configured to activate sit least oiie of said USB inter&ce and said RFE) commimication ' 
into&ce where said RFE) authentication circuit nsatches said decrypted RF interrogation 
signal and said RF ipterrogation signal 

« 

14. A system according to daim 13, wherein said transponder system protocol/sequence 
controller activates said transponder system authentication circuit in response to at least one 
of said first RF interrogation signal and said second RF interrogation signal 

15. A daim according to claim 1 4, wherein said transponder system aoithentication drcoit 
is configured to provide a transponder authentication code to at least one of said first 
transponder and said second transponder for providing to said RFID reader. 

• • * * 

16. A system according to claim 15, wherem said RFID reador is configured to receive 
siaid transponder authentication code, said RFID protocol/sequence controller activating said 
,RFID authentication drcoit in response to ^d transponder audieutication cod^ said RFID 
authentication circuit configure to ena:ypt said transponder authentication code. 

43 

SUBSTITUTE SHEET (RULE 26) 



wo 03/007623 PCt/DS02/21903 

m • • 

17. A system according to claim 16, whcreia said RFID reader is cdxifigared to provide 
said encrypted authenticatioii code to said transponder system. 

18. A system according to claim 17, wherein said transponder system database is operable 

* 

to store at least one of a transponder system identification data, aRFID reader decryption 
security key, and a transponder system account data. 

19. A system according to claim 1 8, wherein said transponder system database is 
configured to provide said RFID reader decryption security key to said transponder system 

authentication circuit iniesponse to said encrypted authentication, code, said RPID reader 

■ 

• • • 

decryption key for use in decrypting said encrypted transponder audienticiatioii code and 

• • ' • 

- * . 

providing^ a decrypted transponder authentication code. 

20. A system according to claim 19, wherein said transponder.system authentication 
circuit is configured to conpare. said decrypted transponder authentication code and s^d 
transponder authentication code to determine if a match exists; 

21. A system according to daim 20, wherein said account data is in inagnetic stripe 
format 

22. A system according to clgim 21, wherein said transponder system transaction account 
data iis pre-encrypted 

.23. A system a(XK>rding (o claim 22, wherein sd^ 

♦ 

• configured to.provide said pre-enoypted transponder system account data to said KPID . 
readra where said transpond^ system authentication circuit matches. said decrypted 
trkisponder autfienfication code and said transponder authentication code. 
24. A ^tem accordiog to daim 23, wherein said RFID comnmnications interface is 
configured to provide said transponder system PIN and said pre-encrypted transponder 

fsystfm afttyiynt Hafei toIiptb «alH trafrntpcmHeT anth«nitiV:atiffln C^^^TIf^tTihfli; said decrypted 
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transponder aaithmdcation code, and said deicr3pted RF interrogation signal matches said RF 
interrogation signal 

25. . A s}^tem according to claim 24, whefdn sd^ 

switch, said switdi. operable to enable or disable Op eration of said transponder system. 

« 

26. A system according to claim 25, wherein said switch is configored to p^^ 
transponder system in at least one of a selectivity mode and an inclasivity mode. 

27. A system according to claim 25^. wh^ein said svntth ig meich^mr^] - 

28. A system according to claim 25, wherein said switch is configured to respond to a 

29. A system according to ciaini 2, wherein said transponder system further includes an 
ii^ernal power somre. 

30. A system according to daim 29, wherein said switch is in commnmcatiQn with said 
internal power source, said switch responsive to said internal power source. 

31. A ^tem according fo daim 29, wherein said transponder system fixrther inclndes a 
biometric circuit, said bipmetric circuit in communication with said internal power source. 

32. A systetn according to daim 25, wherein said switch is a biometric circuit, said * 

biometric circuit operable to enable or disenable operation of said transponder systemL 

• • • • 

33. A systean according to daim 32, wherein said biometdc circuit is configured to place 

. • ' 

said transponder system in one of a sdectivity mode and an inclusivity mode. 

• . • * 

34. . A system according to daim 7, wherein said RFID reader include a RFID PIN 
keypad, said RFID PIN keypad configured to recdve said transponder PIN, said RFID reader 
configured to compare said transpondor PIN to said received transponder PIN, said RFID 
reader operable to provide at least one of said received transponder PIN, said transponda 
PIN, or a Verification of said received Iransponder PIN, verification of recdved transponder 
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PIN provided where said RFID reader matches said transponder PIN to said received 
transponder PIN. 

• • • 

35. A systeni according to claiiQ 7, wherein said RFID re^ 

said traiisponder PIN to a payment authorization cent^ for verification of s^ tranq)6nder . 
PIN. . . 

36. A system according to dann 34, wjierdn said merchant system inclndes a merchant 
system PIN keypad, said merchant system PIN Iceypad configured to receive, said transponder 
PIN from said merchant systena PIN keypad, siaid merdiant system configured to provide said 
transponder PIN to said payment anthoriz^on cienter fo^ 

37. A system according to clmm 31, wherein said bipmetric circuits configured to 
provide abiometdc data vmfication response, said biometric circuit configured to provide 
said biometric .data verification response to at least one of skid RFID reader and said 
merchant system, wherein said bioinetdc data verification respoi^e is an identification 
verification data. 

38. A system according to daim 3, further corqprising a personalization system operable 
to initialize at least one of said transponder system and said RFID reader to transponder* 

3% . A system according to daim 38>wherem^aLdpersonalizati 

* 

coixttnlinication with said transponder system using at least one of a USB connector and RF 
communications. 

40. A system according td claim 39, wherein said i>etSQnafization system is in electrical 
communications with said RFID reader. 

41. A system abcording to daim 40, wherein said persbn^^ 

populate at least one of said RFID reader identifying data, transponder system decryptioh 
security key, RFOD encryption security key, and transpondier PIN on said RFID database. 
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■ . 

42. A system atccQnUng to dsam41, wberein sddpeisbna^^ system isopdc^lc to 
populate at least one of said transponder system identification data^ a RFID reader decryption 
security key, a transponder encryption auflientication secmity key, a tran^onder srystem 
ti^nsactional account data, and a transponder systi^ authentication security tey onfo said • 
transponder system database. 

43. A system according to dafan 2, wherein said RPID reader is operable to initialize said 
trahspondo:. 

.. • . * • ■ 

44. A system according to clahn2, wherein said RFID reader is in RF cotnmunicatioii 

With said transponder system, said RFE) reader qperablfe to populatiB at least onfe of said 
transponder system identiGcation data, a RFID reader decryption security key, a traiisponder 
system transactional account data onto said traposponder system database. 

• • • 

45. A transpondoTHreader payment system includmg la trahspohder system opefable to 

. receive a first RF interrogation signal, and auth^cate said first RF interrogation signal, said 
transponder system con^xt:^^ 

a. . a first tranq)dnderre£ponsive to said first RFintenr 

b. a second transponder responsive to a second RF interrogatidn signal, 
smd first RF intenx>gatidn signal different from said secon 

a . a first transponder system antemm configured to recis^^ 
interrogation signal; and 

d. a second transponder, system antenna config^^ 

■ ■ ■ • 

RF interrogation signal 

46. A system according to claim 45, wherein said transponder system fiixther includes at 
Ibdst one of a transponder system USB intel&ce, transpondo' system autheidication cir6Uit 
and a transponder ^tem serial inl^r&ce. 

47. A transponder-reader payment system comprising: 

• " , - ■* , ^ ■ " • . .. ■ ".>■ 
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a a RFDD reader operable to pro\dde a RF interrogation signal for ppwermg a 
transponder system, xecemng a 

transponder system account data related to said transponder system KP signal to a merchant 
system, said RFDD reader including: 

1 a fir^tRFID reader antenna in comnnmication mth a fiist 
for providing a first RF interrogation signal; and 

. ii a second RFID reader anteima in conitnunication \nth a second 
intem)^tor, for providing a secoiod RF interr 

. b. a transponder system operable to receive at leaist one of said first and second 
RF interrogation signal, auth^cate said received inteixpgation signal, and transmit a 
transponder system account data, said transponder system c6iq)rising: 

1 a first transponder antenna in CGmtmmication mtb a first transponder, 
said first transponder responsive to said first RF interrogation si@ial; and 

ii a second transponder antenna in cominnmcation with a second 
transponder, said second transponder responsive to said second RF interrogation signal 

48. A syst^ according to daim 47, wherein said RFID reader includes at least one of a a 
RFID reader authentication drcoit, a RFlD reader serial interface and a RFID reader USB 
inter&ce, and said transponder system includes at least one of a transponder system USB 
inter&ce, transponder syst^ autiientication drcoit, and a transponder system serial inter&ce. 

49, A me&od of trangponder*reader payment conipr^^ • 

a. providing a transponder system,.the transponder system responsive t^ 

• * * 

plurality of interrogation sjgnal$, the transponder system storing at least one of an account 
ilata, an account name^ and account e^iraitionL date^ the transponder system including at least 
* a first transponder respcdisive to a first intedrogatiqn 
xespionsrve to a second interrogation signal; and 
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b. providing a RFID reader, said reader configured to provide atleast one of the 
inteirogatioasigDals. 

50. A method according to claim 49, fiirfiier coiiQ)rising the steps o£ 
a encr}(pting the transponder system account data; 
b.. fnftiah'rfng the transponder systcgo^ 
a fnitialisdng the RFID reader; 

d iiiatually aafhenticatmg the RFID reader and the trsinsponder system; 
e. providing ^ encrypted accomt data fiom the transponder system to the Rra 
reader; 

£ • decrypting the encrypted account data; and 

g. . providing the decrypted account (bita to aiiierchant systenx 

51. A method according to claon 50, wherem mutual authenticating indudes die HPID 

* 

teader authenticating the transponder system, and the transponder system authenticating the 
RFID reader. 

5Z A mediod according to clahn 51, whereinnmtualmthentication includes: 

a providing aninteirogation signal from the RFID reader to the transpond^ 

sj^tem; 

* . - , 

b. eoGryptiiig the inteaxiigatidn signal at the tcah^ 

■ 

encrypted aufhenticatiooa interrogation signal; 

a providing (he enc^ted authenticSdion interrogation signal to the RFID reader, 

d. decrypting the encrypted authentication interrogation signal at the RFID 
reader, decrypting including using a taransponder system deo^ption security key; 

e. iimtching the iiiterrogatLon sigiial to tiie decrypted interrogate 
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£ pxoviding an authoiizatioa code fiom the transpoBder system to the RFlD 

reader; 

g. . encrypting iOie aathoiizatiQa code at the RFID rea^ 

• ■ 

aaflionzation cod^ . 

h. . providizig the encrypted audxorization bode to &e 

i deczypting the encrypted authorization code at the transponder system, 
. decrypting mcluding usmg a RFID reader deci^^ 

j. matching the authorization code to die deo^^ 

, • • 

53: A method accbrding to $2, where initializang the transponder system inchides 
populating at least one of a tran^onder system identification data, a KFID reader decryption 
security key 9 a transponder system transactional data, and an encr>pted transponder PIN onto 
a transponder system database. 

54. A method according to claim 53, whearem fnitializing the RPBD reader iachides 
populating at lease one of a transponder system identification data, a RFID reader decryption 
security key, a tran^onder system transactional data, and an encrypted transponder PIN onto 
a transponda system dat^ase. 

55. A method according to claim 49, wherein fnifiatiriTig the RFID reader includes 
populating at least one of a RFID reada identi^dng data, a transponder system, decryption 
security key, iai RFID enqryption security key, an^ 

using a USB interface. 

56. A method according to claim 53, wherein initializing the transponder system inchides 
populating at least one of a transponda: system identitying data, a RPOP reader decryption 

. security key, and a transponder syst^ transaction data using a U^B intesr&ce. 
. 57. A method.accdrding to claim 49, wherein initiating the transponder system, incMdes 
initializing said transponder system using a RFID reader. 

■ 

a ■ 

50 

SUBSTITUTE SHEET (RULE 26) 



wo 03/007623 



PCT/US02/21903 



58. A ineQiod according to claim 54, incbdiDg using a sv^ enable tibe tiansf 



system, flie switch consisting of at least one of a mechanical switch, a logic switch, and a 
bioinetric switch. 

59. . A method according to claica 58, ittcludii^ piovidmg a secondaiy MesatificaMcto in 
response to a request from a machant system 
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